Jump to content

Full root filesystem encryption on an Armbian system (NEW, replaces 2017 tutorial on this topic)


Recommended Posts

Hi Steven,

 

thanks for your feedback and thanks again for your suggestion that led me to the right direction. Yeah, the .next file was missing after I did the encryption stuff mentioned here, no clue why. So I wrote everything in detail, maybe the devs can look over it and tell us more and even fix it if there's something to fix. Thanks for the hint about net.ifnames=0 I will try that and report back.

 

I'm happy right now.

Link to comment
Share on other sites

Armbian & Khadas are rewarding contributors

I have Orange Pi Lite. After running the attached script.  But, black screen after reboot on LUKS enabled SD Card. I don't see any prompt asking for password to unlock the root partition. I use the following command to run:

 

sudo ./armbian_rootenc_setup.sh  -R -m -F /dev/sda

 

U-Boot 2020.10-armbian (Aug 08 2021 - 16:13:23 +0200) Allwinner Technology

 

CPU:   Allwinner H3 (SUN8I 1680)

Model: Xunlong Orange Pi Lite

DRAM:  512 MiB

MMC:   mmc@1c0f000: 0, mmc@1c10000: 1

Loading Environment from FAT… Unable to use mmc 0:1… In:    serial@1c28000

Out:   serial@1c28000

Err:   serial@1c28000

Net:   No ethernet found.

starting USB…

Bus usb@1c1b000: USB EHCI 1.00

Bus usb@1c1b400: USB OHCI 1.0

Bus usb@1c1c000: USB EHCI 1.00

Bus usb@1c1c400: USB OHCI 1.0

scanning bus usb@1c1b000 for devices… 1 USB Device(s) found

scanning bus usb@1c1b400 for devices… 2 USB Device(s) found

scanning bus usb@1c1c000 for devices… 2 USB Device(s) found

scanning bus usb@1c1c400 for devices… 1 USB Device(s) found

       scanning usb for storage devices… 0 Storage Device(s) found

Autoboot in 1 seconds

switch to partitions #0, OK

mmc0 is current device

Scanning mmc 0:1…

Found U-Boot script /boot/boot.scr

3964 bytes read in 2 ms (1.9 MiB/s)

## Executing script at 43100000

U-boot loaded from SD

Boot script loaded from mmc

202 bytes read in 2 ms (98.6 KiB/s)

9986940 bytes read in 476 ms (20 MiB/s)

7995296 bytes read in 382 ms (20 MiB/s)

Found mainline kernel configuration

31752 bytes read in 11 ms (2.8 MiB/s)

4185 bytes read in 7 ms (583 KiB/s)

Applying kernel provided DT fixup script (sun8i-h3-fixup.scr)

## Executing script at 45000000

## Loading init Ramdisk from Legacy Image at 43300000 …

   Image Name:   uInitrd

   Image Type:   ARM Linux RAMDisk Image (gzip compressed)

   Data Size:    9986876 Bytes = 9.5 MiB

   Load Address: 00000000

   Entry Point:  00000000

   Verifying Checksum … OK

## Flattened Device Tree blob at 43000000

   Booting using the fdt blob at 0x43000000

   Loading Ramdisk to 49679000, end 49fff33c … OK

   Loading Device Tree to 49608000, end 49678fff … OK

 

Starting kernel …

 

Link to comment
Share on other sites

On 4/28/2022 at 4:16 AM, Felix said:

I have Orange Pi Lite. After running the attached script.  But, black screen after reboot on LUKS enabled SD Card. I don't see any prompt asking for password to unlock the root partition. I use the following command to run:

 

sudo ./armbian_rootenc_setup.sh  -R -m -F /dev/sda

 

 

Are you able to unlock the device via SSH as per the instructions? Can you ping the device at the expected address?

 

Note that the script has been updated, so you might clone or pull the new version from Github and try running it again.

Link to comment
Share on other sites

Hello, I've been trying to use the automated script on an Odriod HC4 running Ubuntu Jammy 5.17.5, but it always fails at some point after running APT with some illegal instruction errors. I pasted the output of the script below. I've never really asked for help on one of these forums before and I'm kind of a noob, so if I'm doing something wrong or if more information is needed then let me know.

 

 

             ┌───────────────────────────────────────────────────┐
             │ ⣎⣱ ⡀⣀ ⣀⣀  ⣇⡀ ⠄ ⢀⣀ ⣀⡀   ⣏⡉ ⣀⡀ ⢀⣀ ⡀⣀ ⡀⢀ ⣀⡀ ⣰⡀ ⢀⡀ ⢀⣸ │
             │ ⠇⠸ ⠏  ⠇⠇⠇ ⠧⠜ ⠇ ⠣⠼ ⠇⠸   ⠧⠤ ⠇⠸ ⠣⠤ ⠏  ⣑⡺ ⡧⠜ ⠘⠤ ⠣⠭ ⠣⠼ │
             │     ⣏⡱ ⢀⡀ ⢀⡀ ⣰⡀   ⣏⡉ ⠄ ⡇ ⢀⡀ ⢀⣀ ⡀⢀ ⢀⣀ ⣰⡀ ⢀⡀ ⣀⣀     │
             │     ⠇⠱ ⠣⠜ ⠣⠜ ⠘⠤   ⠇  ⠇ ⠣ ⠣⠭ ⠭⠕ ⣑⡺ ⠭⠕ ⠘⠤ ⠣⠭ ⠇⠇⠇    │
             │                 ⢎⡑ ⢀⡀ ⣰⡀ ⡀⢀ ⣀⡀                    │
             │                 ⠢⠜ ⠣⠭ ⠘⠤ ⠣⠼ ⡧⠜                    │
             └───────────────────────────────────────────────────┘
                      For detailed usage information,
                        invoke with the '-h' switch

get_armbian_image                OK
apt_install_host                 OK
close_loopmount                  OK
umount_target                    OK
remove_build_dir                 OK
Will write to target /dev/sda (Mass   Storage Device 59.5G)
check_sdcard_name_and_params     OK
create_build_dir                 OK

  Enter the IP address of the target machine.
  Enter 'dhcp' for a dynamic IP or 'none' for no remote SSH unlocking support
  IP address: 192.168.1.5

  Enter the netmask of the target machine,
  or hit ENTER for the default (255.255.255.0):

  Enter a boot partition label for the target machine,
  or hit ENTER for the default (ARMBIAN_BOOT):

  Enter a device name for the encrypted root filesystem,
  or hit ENTER for the default (rootfs):

  Choose a simple disk password for the installation process.
  Once your encrypted system is up and running, you can change
  the password using the 'cryptsetup' command.
  Enter password: 123

  Unlock the disk from the serial console.  WARNING: enabling this will
  make it impossible to unlock the disk using the keyboard and monitor,
  though unlocking via SSH will still work.
  Enable unlocking via serial console? (y/n): n

  Unlock the disk via SSH over USB (g_ether).  Enable this only if your board
  supports USB gadget mode, i.e. if it has a USB OTG port. WARNING: enabling this
  will make it impossible to unlock the disk over the Ethernet interface (eth0).
  Enable unlocking via SSH over USB? (y/n): n

  The following user options are in effect:
  + use local 'authorized_keys' file

  Armbian image:                Armbian_22.05.1_Odroidhc4_jammy_edge_5.17.5.img
  Target device:                /dev/sda (Mass   Storage Device 59.5G)
  Root filesystem device name:  /dev/mapper/rootfs
  Target IP address:            192.168.1.5
  Target netmask:               255.255.255.0
  Boot partition label:         ARMBIAN_BOOT
  Disk password:                123
  Serial console unlocking:     no
  SSH over USB unlocking:       no

  Are these settings correct? (Y/n) y
get_authorized_keys              OK
Copying boot loader (8192 sectors, 4M):
4+0 records in
4+0 records out
4194304 bytes (4.2 MB, 4.0 MiB) copied, 0.421957 s, 9.9 MB/s
copy_boot_loader                 OK
partition_sd_card                OK
Copying files to boot partition:
    101,080,678  99%   10.77MB/s    0:00:08 (xfr#145, to-chk=0/152)
copy_system_boot                 OK
create_bootpart_label            OK
Copying system to encrypted root partition:
  1,186,326,943  99%   16.16MB/s    0:01:09 (xfr#37888, to-chk=0/47428)
copy_system_root                 OK
mount_target                     OK
         Host                         Target
         ----                         ------
distro:  jammy                        jammy
kernel:  vmlinuz-5.17.5-meson64       vmlinuz-5.17.5-meson64
Unable to copy '/etc/apt/apt.conf.d/*proxy' to target (file does not exist)
armbian_rootenc_setup.sh:891: _copy_to_target() failed at command 'false'
Host script exiting with error (1)
armbian_rootenc_setup.sh:905: copy_etc_files() failed at command 'false'
Host script exiting with error (1)
copy_etc_files                   OK
copy_etc_files_distro_specific   OK
edit_initramfs_conf              OK
edit_initramfs_modules           OK
copy_authorized_keys             OK
create_etc_crypttab              OK
create_fstab                     OK
edit_dropbear_cfg                OK
netman_manage_usb0               OK
ifupdown_config_usb0             OK
create_cryptroot_unlock_sh       OK
edit_armbianEnv                  OK
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be REMOVED:
  bash-completion*
0 upgraded, 0 newly installed, 1 to remove and 31 not upgraded.
After this operation, 1,499 kB disk space will be freed.
(Reading database ... 41456 files and directories currently installed.)
Removing bash-completion (1:2.11-5ubuntu1) ...
Processing triggers for man-db (2.10.2-1) ...
(Reading database ... 40694 files and directories currently installed.)
Purging configuration files for bash-completion (1:2.11-5ubuntu1) ...
Generating 256 bit ecdsa key, this may take a while...
256 SHA256:kcNv1yOFs+xQjuvdzjF23A6r/Qy4BK6dKaLf7A1bK3c /etc/dropbear/initramfs/dropbear_ecdsa_host_key (ECDSA)
+---[ECDSA 256]---+
|                 |
|       . .   .   |
|        =   + .  |
|         + = =   |
|        S * * o  |
|         o * o o.|
|        . + + * +|
|      .ooO.*E* X |
|    .o.o*+B.+o*.+|
+----[SHA256]-----+
Generating Dropbear ED25519 host key.  Please wait.
Generating 256 bit ed25519 key, this may take a while...
256 SHA256:M2QMUYkhLLtOLyRZRDUfguhidpEAEp5o6i9WNmBoc1w /etc/dropbear/initramfs/dropbear_ed25519_host_key (ED25519)
+--[ED25519 256]--+
|==o+* ==..       |
|= =o.E.+.        |
|+=.oo . +        |
|=Oo+   o         |
|Bo=.    S        |
|+ ++     o       |
| *o..            |
| o+ .            |
|. .o             |
+----[SHA256]-----+
update-initramfs: deferring update (trigger activated)
Dropbear has been added to the initramfs. Don't forget to check
your "ip=" kernel bootparameter to match your desired initramfs
ip configuration.

rmdir: failed to remove '/etc/dropbear-initramfs': Directory not empty
ERROR: Couldn't remove directory /etc/dropbear-initramfs
Processing triggers for libc-bin (2.35-0ubuntu3) ...
Illegal instruction
Illegal instruction
dpkg: error processing package libc-bin (--configure):
 installed libc-bin package post-installation script subprocess returned error exit status 132
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for initramfs-tools (0.140ubuntu13) ...
update-initramfs: Generating /boot/initrd.img-5.17.5-meson64
Illegal instruction
Illegal instruction
update-initramfs: Converting to u-boot format
Errors were encountered while processing:
 libc-bin
E: Sub-process /usr/bin/dpkg returned an error code (1)
armbian_rootenc_setup.sh:1149: apt_install_target() failed at command 'apt --yes install $pkgs'
Target script exiting with error (100)
armbian_rootenc_setup.sh:1213: configure_target() failed at command 'chroot $TARGET_ROOT "./$PROGNAME" $ORIG_OPTS 'in_target''
Host script exiting with error (100)
Cleaning up, please wait...
close_loopmount                  OK
umount_target                    OK
update_config_vars_file          OK
remove_build_dir                 OK

 

Link to comment
Share on other sites

Hi, MMGen, thank you for your contribution here.

 

I have a Rock Pi 4A+ and am trying to install Armbian to the eMMC module, fully encrypted.

 

After running your script for /dev/mmcblk1 (the eMMC module) I am getting the following error:

 

armbian_rootenc_setup.sh:841: copy_system_root() failed at command 'cryptsetup luksOpen "/dev/$ROOT_DEVNAME" $ROOTFS_NAME'

 

I tried to unlock it manually but it doesn't work:

cryptsetup luksOpen /dev/mmcblk1p2 temp
No key available with this passphrase. 
(Yes I did use the correct key which I entered during the setup script's prompt)

Any suggestions on how to fix this?

 

Found the problem; the script isn't creating the encrypted partition correctly. If I make the luks partition manually, the script works.

 

Edited by mildparanoia
Found solution
Link to comment
Share on other sites

On 8/6/2022 at 7:07 AM, mildparanoia said:

Found the problem; the script isn't creating the encrypted partition correctly. If I make the luks partition manually, the script works.

 

Glad you got it to work. Instead of setting up the LUKS partition manually, erasing everything with the -z option might have solved the problem here.

Edited by MMGen
Link to comment
Share on other sites

On 5/30/2022 at 9:08 AM, LightJolteon said:

Hello, I've been trying to use the automated script on an Odriod HC4 running Ubuntu Jammy 5.17.5, but it always fails at some point after running APT with some illegal instruction errors. I pasted the output of the script below. I've never really asked for help on one of these forums before and I'm kind of a noob, so if I'm doing something wrong or if more information is needed then let me know.

Sorry for the extreme delay in replying to your post. Since the errors are coming from APT, this could be a distro-specific problem. Have you tried the Bullseye image?

Link to comment
Share on other sites

@DIYprojectz: It should be possible to put the encrypted root filesystem on a different device than the boot partition, though I've never tried it with an SoC or Armbian. Thanks for the idea. I promise to look into it, but don't expect immediate results as I'm busy with other things at the moment.

Link to comment
Share on other sites

Just want to say thanks!  I always intended to report back, but failed.  Script worked great for me back in 2021.Mar.02 on PineA64 that has been running perfectly to this day! 

Two important points that made me charge down this path (1) encrypt everything (2) ability to remote unlock via SSH after reboots.

 

Looking at my notes (i.e. a wrapper script that calls MMGen's script that does all hard work and is thoroughly commented).  It took me 4 attempts and what finally worked, was to rebuild all.

...

# Destination device name (e.g. SD card in USB reader)
dstDevNm=sda

export ROOTFS_NAME=somename
export IP_ADDRESS=dhcp
export BOOTPART_LABEL=somenameboot
export DISK_PASSWD=dontlook
export UNLOCKING_USERHOST=

 

# Call main script
#
# [attempt 1] -s use auth keys file, -v verbose, -z wipe all partitions
#./armbian_rootenc_setup.sh -svz $dstDevNm
#
# [attempt 2] Don't wipe all parts.
#./armbian_rootenc_setup.sh -sz $dstDevNm
#
# [attempt 3] only use auth keys
#./armbian_rootenc_setup.sh -s $dstDevNm
#
# [attempt 4] Complete rebuild [THIS WORKED!]
./armbian_rootenc_setup.sh -fFsvz $dstDevNm

...

 

 

I will be using this again to upgrade my setup, after getting the new version of MMGen's script.

Edited by dannyboy
upd
Link to comment
Share on other sites

i have issue with rock 5

 

rock01:armbian:% sudo ./armbian_rootenc_setup.sh  -R -m -F /dev/sda

             ┌───────────────────────────────────────────────────┐
             │ ⣎⣱ ⡀⣀ ⣀⣀  ⣇⡀ ⠄ ⢀⣀ ⣀⡀   ⣏⡉ ⣀⡀ ⢀⣀ ⡀⣀ ⡀⢀ ⣀⡀ ⣰⡀ ⢀⡀ ⢀⣸ │
             │ ⠇⠸ ⠏  ⠇⠇⠇ ⠧⠜ ⠇ ⠣⠼ ⠇⠸   ⠧⠤ ⠇⠸ ⠣⠤ ⠏  ⣑⡺ ⡧⠜ ⠘⠤ ⠣⠭ ⠣⠼ │
             │     ⣏⡱ ⢀⡀ ⢀⡀ ⣰⡀   ⣏⡉ ⠄ ⡇ ⢀⡀ ⢀⣀ ⡀⢀ ⢀⣀ ⣰⡀ ⢀⡀ ⣀⣀     │
             │     ⠇⠱ ⠣⠜ ⠣⠜ ⠘⠤   ⠇  ⠇ ⠣ ⠣⠭ ⠭⠕ ⣑⡺ ⠭⠕ ⠘⠤ ⠣⠭ ⠇⠇⠇    │
             │                 ⢎⡑ ⢀⡀ ⣰⡀ ⡀⢀ ⣀⡀                    │
             │                 ⠢⠜ ⠣⠭ ⠘⠤ ⠣⠼ ⡧⠜                    │
             └───────────────────────────────────────────────────┘
                      For detailed usage information,
                        invoke with the '-h' switch

get_armbian_image                OK
apt_install_host                 OK
close_loopmount                  OK
umount_target                    OK
remove_build_dir                 OK
  /dev/sda (KINGSTON SNVS1000G 931.5G) doesn’t appear to be an SD card
  for the following reasons:
      Device is non-removable
      Size is > 128GiB
  Are you sure this is the correct device of your blank SD card? (y/N) n
Exiting at user request
rock01:armbian:% nano armbian_rootenc_setup.sh                     
rock01:armbian:% sudo ./armbian_rootenc_setup.sh  -R -m -F /dev/sda

             ┌───────────────────────────────────────────────────┐
             │ ⣎⣱ ⡀⣀ ⣀⣀  ⣇⡀ ⠄ ⢀⣀ ⣀⡀   ⣏⡉ ⣀⡀ ⢀⣀ ⡀⣀ ⡀⢀ ⣀⡀ ⣰⡀ ⢀⡀ ⢀⣸ │
             │ ⠇⠸ ⠏  ⠇⠇⠇ ⠧⠜ ⠇ ⠣⠼ ⠇⠸   ⠧⠤ ⠇⠸ ⠣⠤ ⠏  ⣑⡺ ⡧⠜ ⠘⠤ ⠣⠭ ⠣⠼ │
             │     ⣏⡱ ⢀⡀ ⢀⡀ ⣰⡀   ⣏⡉ ⠄ ⡇ ⢀⡀ ⢀⣀ ⡀⢀ ⢀⣀ ⣰⡀ ⢀⡀ ⣀⣀     │
             │     ⠇⠱ ⠣⠜ ⠣⠜ ⠘⠤   ⠇  ⠇ ⠣ ⠣⠭ ⠭⠕ ⣑⡺ ⠭⠕ ⠘⠤ ⠣⠭ ⠇⠇⠇    │
             │                 ⢎⡑ ⢀⡀ ⣰⡀ ⡀⢀ ⣀⡀                    │
             │                 ⠢⠜ ⠣⠭ ⠘⠤ ⠣⠼ ⡧⠜                    │
             └───────────────────────────────────────────────────┘
                      For detailed usage information,
                        invoke with the '-h' switch

get_armbian_image                OK
apt_install_host                 OK
close_loopmount                  OK
umount_target                    OK
remove_build_dir                 OK
  /dev/sda (KINGSTON SNVS1000G 931.5G) doesn’t appear to be an SD card
  for the following reasons:
      Device is non-removable
      Size is > 128GiB
  Are you sure this is the correct device of your blank SD card? (y/N) y
Will write to target /dev/sda (KINGSTON SNVS1000G 931.5G)
check_sdcard_name_and_params     OK
create_build_dir                 OK

  Enter the IP address of the target machine.
  Enter 'dhcp' for a dynamic IP or 'none' for no remote SSH unlocking support
  IP address: none

  Enter a boot partition label for the target machine,
  or hit ENTER for the default (ARMBIAN_BOOT): 

  Enter a device name for the encrypted root filesystem,
  or hit ENTER for the default (rootfs): 

  Choose a simple disk password for the installation process.
  Once your encrypted system is up and running, you can change
  the password using the 'cryptsetup' command.
  Enter password: 123

  Unlock the disk from the serial console.  WARNING: enabling this will
  make it impossible to unlock the disk using the keyboard and monitor,
  though unlocking via SSH will still work.
  Enable unlocking via serial console? (y/n): n

  Unlock the disk via SSH over USB (g_ether).  Enable this only if your board
  supports USB gadget mode, i.e. if it has a USB OTG port. WARNING: enabling this
  will make it impossible to unlock the disk over the Ethernet interface (eth0).
  Enable unlocking via SSH over USB? (y/n): n

  The following user options are in effect:
  + force full rebuild
  + force reformat of encrypted root partition
  + add all currently loaded modules to initramfs

  Armbian image:                Armbian_22.11.2_Rock-5b_jammy_legacy_5.10.110.img
  Target device:                /dev/sda (KINGSTON SNVS1000G 931.5G)
  Root filesystem device name:  /dev/mapper/rootfs
  Target IP address:            none
  Boot partition label:         ARMBIAN_BOOT
  Disk password:                W3koslad
  Serial console unlocking:     no
  SSH over USB unlocking:       no

  Are these settings correct? (Y/n) y
setup_loopmount                  OK
check_install_state              OK
All data on /dev/sda (KINGSTON SNVS1000G 931.5G) will be destroyed!!!
Are you sure you want to continue? (y/N) y
Creating new partition label on /dev/sda
create_partition_label           OK
Copying boot loader (557056 sectors, 272M):
272+0 records in
272+0 records out
285212672 bytes (285 MB, 272 MiB) copied, 1.40963 s, 202 MB/s
copy_boot_loader                 OK
partition_sd_card                OK
Copying files to boot partition:
rsync: [sender] change_dir "/home/rock/armbian/armbian_rootenc_build/src/boot" failed: No such file or directory (2)
              0 100%    0.00kB/s    0:00:00 (xfr#0, to-chk=0/0)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1333) [sender=3.2.3]
armbian_rootenc_setup.sh:823: copy_system_boot() failed at command 'rsync $RSYNC_VERBOSITY --archive $SRC_ROOT/boot/* $BOOT_ROOT'
Host script exiting with error (23)
Cleaning up, please wait...
close_loopmount                  OK
umount_target                    OK
update_config_vars_file          OK
remove_build_dir                 OK
rock01:armbian:% ls -la
total 2095036
drwxrwxr-x 2 rock rock       4096 Mar 11 15:19 .
drwxr-x--- 7 rock rock       4096 Mar 11 15:23 ..
-rw-r--r-- 1 root root 2982150144 Mar 11 15:19 Armbian_22.11.2_Rock-5b_jammy_legacy_5.10.110.img
-rwxrwxr-x 1 rock rock      39358 Mar 11 15:15 armbian_rootenc_setup.sh

 

Link to comment
Share on other sites

On 3/11/2023 at 6:10 PM, stamatov said:

i have issue with rock 5


Try with something that is close to standards, mainline based (older) rockchip / allwinner, x86, Rpi ... when this is confirmed working there, move on

Link to comment
Share on other sites

I used this tutorial as the basis of my own script, which is heavily adapted for my own needs.  It worked for me, getting a bookworm CLI image to run on a Libre Computer Renegade.

 

Although I made lots of changes, I think the only ones necessary for getting it to work on a bookworm image were replacing "etc/dropbear-initramfs" with "etc/dropbear/initramfs" twice in step 9.4, and replacing "etc/dropbear-initramfs/config" with "etc/dropbear/initramfs/dropbear.conf" twice in step 9.7.  Perhaps this was the problem @Vasir encountered?

Link to comment
Share on other sites

Posted (edited)

The tutorial and automated script have been updated for Debian bookworm and Ubuntu noble images. Here's a summary of the changes required to make everything work:

  • replace eth0 with end0
  • replace cryptsetup-bin with cryptsetup
  • replace lsinitramfs /boot/initrd.img* with lsinitramfs /boot/initrd.img-*
  • replace etc/dropbear-initramfs with etc/dropbear/initramfs
  • replace etc/dropbear-initramfs/config with etc/dropbear/initramfs/dropbear.conf
  • before exiting the chroot, execute ssh-keygen -A
Edited by MMGen
Link to comment
Share on other sites

@MMGen

 

Got Rock 5B working by following the guide (keyboard unlock only, without SSH - as desired). Thank you very much!

 

However, at least with the following images:

 

* Armbian_24.8.1_Rock-5b_bookworm_current_6.10.6_cinnamon-backported-mesa_desktop.img.xz

 

* Armbian_24.8.1_Rock-5b_jammy_current_6.10.6_kde-neon-kisak_desktop.img.xz

 

# cat /etc/resolv.conf > etc/resolv.conf

 

does absolutely nothing, have to create the file manually and set desired DNS server there.

 

Edited by DIYprojectz
Link to comment
Share on other sites

@DIYprojectz: Thanks for the feedback and support!

 

First of all, make sure your Internet connection is active as you perform the steps in the tutorial. If it is, you should have a  non-empty /etc/resolv.conf file, and the cat command will successfully create a copy of the file's contents in the target. If that doesn't solve the problem, then here are some things you might try:

 

What does `ls -l /etc/resolv.conf` on the host produce? Is the resolv.conf file on the host a symlink? If so, you might try running `systemctl restart resolvconf` and then rechecking the file. If the host is using systemd-resolved for address resolution, try restarting that instead.

Edited by MMGen
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines